I am used to using RedHat, whereby I make sure I have the iptables package installed and I can use "chkconfig" to see if iptables has system-V runtime setup to be on or off, and the iptables-save data goes into /etc/sysconfig/iptables for reload on reboot (or change of SysV init level).
What is the "Debian" way of doing this?
I have iptables installed and I can add iptables rules and they work, but I did a grep for "iptables" in /etc/init.d/* and nothing matches, and I searched through /etc for files that contain firewall rules and didn't see any?
Thanks to Keith for the reply. I looked at that script you mentioned, and it looked pretty detailed. In the meantime I found a way that works for my situation.
In the /etc/network/interfaces file you can add lines for commands to run when bringing up or down (or pre-up and pre-down commands). Since I just have one interface on my local workstation (eth0) I just added up , pre-down, and down lines like so:
[EMAIL PROTECTED]:/etc/network# cat /etc/network/interfaces # Used by ifup(8) and ifdown(8). See the interfaces(5) manpage or # /usr/share/doc/ifupdown/examples for more information.
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet static
address 10.10.10.69
netmask 255.255.255.0
broadcast 10.10.10.255
gateway 10.10.10.1
up cat /etc/iptables-save.out | /sbin/iptables-restore
pre-down cp /etc/iptables-save.out /etc/iptables-save.out.backup
down /sbin/iptables-save > /etc/iptables-save.out
I tested it and it seems to work pretty well. :-)
-Ben.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
